:kz2...@googlemail.com]
Sent: Wednesday, July 20, 2011 2:33 AM
To: NT System Admin Issues
Subject: Re: non-local admin revisited
I run with a non-privileged account on my Win7 workstation and have an
admin account that I supply to UAC whenever I need to run anything with
higher-level privileges.
This works g
:)
* *
*ASB* *http://about.me/Andrew.S.Baker* *Harnessing the Advantages of
Technology for the SMB market…
*
On Wed, Jul 20, 2011 at 9:06 PM, Ben Scott wrote:
> On Wed, Jul 20, 2011 at 7:02 AM, Andrew S. Baker
> wrote:
> >> I'd still much rather be required to enter a password for privile
On Wed, Jul 20, 2011 at 7:02 AM, Andrew S. Baker wrote:
>> I'd still much rather be required to enter a password for privileged
>> operations. Being one click away from system privilege is scary for a
>> number of reasons.
>
> Either way is easily faciliated depending upon one's requirements.
I am with Ben on this. $Dayjob$ has it like Andrew has it.
Jon
On Wed, Jul 20, 2011 at 12:07 AM, Ben Scott wrote:
> On Tue, Jul 19, 2011 at 9:36 PM, Kennedy, Jim
> wrote:
> > Hmmm, I like this. With UAC on there is validity to running as
> > an admin all the time, IF you only have admin on yo
es not add…it replaces.***
> *
>
> ** **
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Tuesday, July 19, 2011 1:32 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: non-local admin revisited
>
> ** **
>
> A local admin account? So 50 IT folks would have 50
and if that fails, then simply remove the users hands :)
From: James Rankin [mailto:kz2...@googlemail.com]
Sent: 20 July 2011 17:02
To: NT System Admin Issues
Subject: Re: non-local admin revisited
It is if they have to type some credentials in. If they have admin accounts and
will type their
matter how much you warn them, a dimmed UAC screen
>> isn't going to inhibit their impulses.
>>
>> > -Original Message-
>> > From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
>> > Sent: Tuesday, July 19, 2011 6:37 PM
>> > To:
m: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
> > Sent: Tuesday, July 19, 2011 6:37 PM
> > To: NT System Admin Issues
> > Subject: RE: non-local admin revisited
> >
> >
> > Hmmm, I like this. With UAC on there is validity to running as an
> admin all the
--
> From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
> Sent: Tuesday, July 19, 2011 6:37 PM
> To: NT System Admin Issues
> Subject: RE: non-local admin revisited
>
>
> Hmmm, I like this. With UAC on there is validity to running as an
admin all the
> time, IF you
Admin Issues
Subject: RE: non-local admin revisited
What's your reason for wanting to do it?
From: David Lum [david@nwea.org]
Sent: 19 July 2011 6:10 PM
To: NT System Admin Issues
Subject: non-local admin revisited
How do you bigger org's handle IT st
Either way is easily faciliated depending upon one's requirements.
* *
*ASB* *http://about.me/Andrew.S.Baker* *Harnessing the Advantages of
Technology for the SMB market…
*
On Wed, Jul 20, 2011 at 12:07 AM, Ben Scott wrote:
> On Tue, Jul 19, 2011 at 9:36 PM, Kennedy, Jim
> wrote:
> > Hmmm,
> but AFAIK it overwrites the local admins group rather than appending it
> which I’d find a little (pardon the pun) restrictive.
>
> ** **
>
> Paul
>
>
>
> *From:* Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* 20 July 2011 01:08
>
> *To:* NT Syste
oo much with restricted groups but
AFAIK it overwrites the local admins group rather than appending it which I'd
find a little (pardon the pun) restrictive.
Paul
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: 20 July 2011 01:08
To: NT System Admin Issues
Subject: Re: non-local admin
On Tue, Jul 19, 2011 at 9:36 PM, Kennedy, Jim
wrote:
> Hmmm, I like this. With UAC on there is validity to running as
> an admin all the time, IF you only have admin on your own
> machine.
I'd still much rather be required to enter a password for privileged
operations. Being one click away fro
twist Andrew.
>
>
>
> From: Andrew S. Baker [asbz...@gmail.com]
> Sent: Tuesday, July 19, 2011 8:11 PM
> To: NT System Admin Issues
> Subject: Re: non-local admin revisited
>
>
> IT members have Win7 and have local admin access of their own machi
, July 19, 2011 8:11 PM
To: NT System Admin Issues
Subject: Re: non-local admin revisited
IT members have Win7 and have local admin access of their own machines, but
with UAC enabled at the default level.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~
user/id passwords they’ll all know anyway to do
> “runas”?
>
> ** **
>
> *From:* Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
> *Sent:* Tuesday, July 19, 2011 10:54 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: non-local admin revisited
>
> ** **
---
> *From:* David Lum [david@nwea.org]
> *Sent:* 19 July 2011 6:10 PM
>
> *To:* NT System Admin Issues
> *Subject:* non-local admin revisited
>
> How do you bigger org’s handle IT staff (DBA’s and the like) not being
> local admins on their systems? Invariably they
That's my preference.
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
Sent: Wednesday, 20 July 2011 3:54 AM
To: NT System Admin Issues
Subject: RE: non-local admin revisited
Create a domain group called IT Local Admins and add the domain IT Admin
accounts you create to it. The
What's your reason for wanting to do it?
From: David Lum [david@nwea.org]
Sent: 19 July 2011 6:10 PM
To: NT System Admin Issues
Subject: non-local admin revisited
How do you bigger org’s handle IT staff (DBA’s and the like) not being local
admins on
You're going to create user/id passwords they'll all know anyway to do
"runas"?
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
Sent: Tuesday, July 19, 2011 10:54 AM
To: NT System Admin Issues
Subject: RE: non-local admin revisited
Create a domain group ca
Subject: non-local admin revisited
How do you bigger org's handle IT staff (DBA's and the like) not being
local admins on their systems? Invariably they are used to throwing on
whatever they want and in some ways this helps the Help desk so they're
not called to install stuff the u
.
From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, July 19, 2011 1:32 PM
To: NT System Admin Issues
Subject: RE: non-local admin revisited
A local admin account? So 50 IT folks would have 50 different local admin
accounts? Other than the deny log on locally what keeps them from creating an
:20 AM
> > To: NT System Admin Issues
> > Subject: RE: non-local admin revisited
> >
> > +1
> >
> > From: Don Ely [mailto:don....@gmail.com]
> > Sent: Tuesday, July 19, 2011 1:19 PM
> > To: NT System Admin Issues
> > Subject: Re: non-local admin re
ave.
>
> ** **
>
> *From:* Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
> *Sent:* Tuesday, July 19, 2011 10:20 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: non-local admin revisited
>
> ** **
>
> +1
>
> ** **
>
> *From:* Don Ely [mailto
t;
> Win 7 makes alternate credentials easy enough at least...
>
> Dave.
>
> From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
> Sent: Tuesday, July 19, 2011 10:20 AM
> To: NT System Admin Issues
> Subject: RE: non-local admin revisited
>
> +1
>
> From: Don Ely
...@elyriaschools.org]
Sent: Tuesday, July 19, 2011 10:20 AM
To: NT System Admin Issues
Subject: RE: non-local admin revisited
+1
From: Don Ely [mailto:don@gmail.com]
Sent: Tuesday, July 19, 2011 1:19 PM
To: NT System Admin Issues
Subject: Re: non-local admin revisited
Provide them with an
+1
From: Don Ely [mailto:don@gmail.com]
Sent: Tuesday, July 19, 2011 1:19 PM
To: NT System Admin Issues
Subject: Re: non-local admin revisited
Provide them with an admin account and show them how to use "run-as"... I also
disable logon locally where I can get away with it so
Provide them with an admin account and show them how to use "run-as"... I
also disable logon locally where I can get away with it so they don't
cheat...
On Tue, Jul 19, 2011 at 10:10 AM, David Lum wrote:
> How do you bigger org’s handle IT staff (DBA’s and the like) not being
> local admins on
29 matches
Mail list logo